Manualshelf

3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
181182183184185186187188189190
Typical Configuration of IKE 183
# Configure ACL.
[3ComA] acl number 3101 match-order auto
[3ComA-acl-adv-3101] rule permit ip source any destination any
# Configure an IKE peer.
[3ComA] ike peer peer
[3ComA-ike-peer-peer] exchange-mode aggressive
[3ComA-ike-peer-peer] pre-shared-key abc
[3ComA-ike-peer-peer] id-type name
[3ComA-ike-peer-peer] remote-name 3ComB
[3ComA-ike-peer-peer] nat traversal
# Create an IPsec proposal "prop".
[3ComA] ipsec proposal prop
[3ComA-ipsec-proposal-prop] encapsulation-mode tunnel
[3ComA-ipsec-proposal-prop] transform esp
[3ComA-ipsec-proposal-prop] esp encryption-algorithm des
[3ComA-ipsec-proposal-prop] esp authentication-algorithm sha1
# Create an IPsec policy and establish an SA through IKE negotiation.
[3ComA] ipsec policy policy 10 isakmp
# Configure the IPsec policy and quote the IKE peer in the policy.
[3ComA-ipsec-policy-isakmp-policy-10] ike-peer peer
# Quote the ACL 3101 in the IPsec policy.
[3ComA-ipsec-policy-isakmp-policy-10] security acl 3101
# Quote the IPsec proposal "prop" in the IPsec policy.
[3ComA-ipsec-policy-isakmp-policy-10] proposal prop
# Access the interface E0/0/0 and configure its IP address.
[3ComA] interface Ethernet0/0/0
[3ComA-Ethernet0/0/0] ip address 10.0.0.1 255.255.0.0
# Apply the IPsec policy group "policy" on the interface E0/0/0.
[3ComA-Ethernet0/0/0] ipsec policy policy
2 Configure 3Com B:
# Set a name for the local security GW.
[3ComB] ike local-name 3ComB
# Configure ACL.
[3ComB] acl number 3101 match-order auto
[3ComB-acl-adv-3101] rule permit ip source any destination any